Báo cáo đề cương tổng quát (General outline report)


8/2/2019 Báo cáo đề cương tổng quát

PHAN CHU TRINH UNIVERSITY
FACULTY OF INFORMATION TECHNOLOGY
Tel. , Fax.

Website: pctu.edu.vn, E-mail:

ENGINEERING GRADUATION THESIS
MAJOR: INFORMATION TECHNOLOGY

Major code:

Topic:

STUDYING AND DEPLOYING PACKET-FILTERING POLICIES ON CISCO ROUTERS

Code:

Defense date: 15-16/5/2012

Student: Nguyễn Trung Việt    Class: 07KSMC    Supervisor: Huỳnh Triều V

Hội An, 05/2012

SUPERVISOR'S COMMENTS



REVIEWER'S COMMENTS



ACKNOWLEDGEMENTS

First of all, I would like to express my sincere and deep thanks to the teachers of PHAN CHU TRINH University in general, and the teachers of the Faculty of Information Technology in particular, who have devotedly taught me and passed on valuable knowledge and experience throughout this time.

In particular, I would like to thank Mr. Huỳnh Triều V, who wholeheartedly helped, directly instructed and guided me throughout the graduation project. While working with him I not only kept acquiring useful knowledge but also learned a serious and effective working spirit and attitude toward scientific research, which are essential for my future study and work.

Finally, I sincerely thank my family and friends, who encouraged me, contributed ideas and helped me during my studies, research and the completion of this graduation project.


DECLARATION

I declare that:

The contents of this thesis were carried out by me under the direct supervision of Mr. Huỳnh Triều V.

Every reference used in this thesis is clearly cited with the author's name, the title of the work, and the time and place of publication.

I take full responsibility for any improper copying, violation of the training regulations, or fraud.

Student

Nguyễn Trung Việt


TABLE OF CONTENTS


LIST OF FIGURES


LIST OF TABLES


LIST OF ABBREVIATIONS


INTRODUCTION

Along with the development of information technology, computer networking and especially the Internet have grown ever more diverse and rich. Internet services have reached almost every area of social life. The information exchanged over the Internet is just as varied in content and form, and much of it needs strong protection because of its economic value and the accuracy and trust placed in it.

At the same time, network services are becoming more valuable and must be kept stable and secure. Attacks on networks, however, are growing more sophisticated and complex, so for every system the security task facing the administrator is both important and necessary.

Securing the network on a Cisco router is a practical solution: it covers the essential security requirements at a moderate cost, it is already in wide use, and the technology keeps developing. That is why I chose the topic "Studying and deploying packet-filtering policies on Cisco routers". The topic brings benefits that meet a real need in society.

The first task is to design a network model and apply it in practice; ensuring security is what this topic cares about most. From there, solutions are proposed that are reasonable in terms of installation cost and the state of today's technology.


SUMMARY OF THE REPORT

Chapter 1: Theoretical background

- Overview of network security issues.

- General concepts of network security.

- Threats to network information security.

- Security solutions.

Chapter 2: Packet-filtering policies

- Security policies based on packet filtering.

- Functions of packet-filtering policies.

- Access lists on Cisco routers.

Chapter 3: Deploying packet-filtering policies on Cisco routers

- Survey of practical requirements.

- Configuring access lists on Cisco routers.

- Demo.

- Future directions.


CHAPTER I: OVERVIEW OF SECURITY ISSUES IN COMPUTER NETWORKS

1.1. Threats to computer systems and networks

1.1.1. Description of the threats

Imagine an information system (a LAN, an intranet, ...) in operation that one day is paralysed completely by a deliberate saboteur; or, less dramatically, whose owners discover that their valuable data has been deliberately corrupted, or even lost.

Processing, analysing and aggregating information on the one hand, and protecting it on the other, are two sides of one inseparable problem. From the moment the computer appeared, and with it the ever stronger and more varied growth of information-processing systems, people immediately thought about how to keep their information systems safe.

How many ways can a computer network be compromised? The honest answer is that a compromise can appear at any moment and at any point in the system.

Network security therefore has to be controlled at several levels:

Network level: keep unauthorised intruders out of the network.

Server level: control access rights, security mechanisms, user identification, authorisation and the tasks each user is allowed to perform.

Database level: control who has which rights on each database.

Field level: within each database, control each data field so that different subjects get different access rights to different information.

Cryptographic level: encrypt the whole data file with some method so that only holders of the key can use it.

From a systems point of view, an enterprise is built from three systems:
- The management information system.

- The decision support system.

- The operational information system.


Of these, the management information system sits between the decision support system and the operational information system; its main functions are collecting, processing and transmitting information.

In recent years the number of unauthorised intrusions into information systems over the Internet and intranets has kept rising. There are many reasons why networks are attacked more often; the main ones include the shift to client/server computing, e-commerce applications, and the building of corporate intranets with Internet technology, which blurs the boundary between the outside (Internet) and the inside (intranet) of the network and creates new information-security risks. It should also be noted that security risks do not come only from external attacks; a large share comes from the inside: disgruntled employees, user mistakes, poor security awareness, ...

The overview diagram of an information system (Figure 34) shows the points where data is at risk. The methods attackers (hackers) use against information systems grow ever more sophisticated and exploit the basic weaknesses of distributed computing. Some common attack methods:

- Social engineering: the hacker poses as a member of the organisation, the network administrator or security staff and asks users for their passwords. On networks with remote users, the hacker claims to have forgotten the password or to have a failed hard disk and asks for the password to be reissued.

- Password cracking: the hacker tries to obtain the password file and then runs a dictionary attack against it, using the password-hashing algorithm the operating system uses. Weak passwords are very easy to recover this way.

- Viruses and programs that attack from inside. A hacker can use them to capture keystrokes in order to find passwords, steal the password file, change user permissions, ...

- Address-spoofing tools (IP spoofing): the hacker can use these tools to make the system believe that the hacker's machine is a host on the internal network, or to erase traces and avoid detection.


Figure 34: Overview diagram of an information system

- Denial of service (DoS): this kind of attack aims to disrupt the operation of the network, for example by triggering faults in an application so that the machine hangs, or by flooding the network with bogus messages that saturate the link or exhaust the server's processing capacity.

1.1.2. Threats to network information security

According to network-security experts there are many ways data on computers can be lost; they can, however, be grouped into four main categories:

Unstructured threats: threats from people with little knowledge of networks and systems, who look for ready-made tools and try to use them to extract information from others.

Structured threats: threats from people who understand networks and systems. They build their own programs and tools and use them to extract other people's information.


Internal threats: threats from people inside the company network who leak information to the outside.

External threats: threats from the Internet; hackers break into the enterprise's internal network and steal information.

Security is always a top priority in every field of society. Today, with the continuous development of information technology, network-security problems have been met with many solutions.

Security is a solution whose purpose is to keep information and data safe while allowing performance to stay at an acceptable level. Securing a system usually means finding a balance between the need for security, speed and business needs.

1.1.3. Security requirements

Attack techniques are getting more sophisticated, and threats to information security can come from many places and in many ways, so we should put the necessary policies and preventive measures in place. The ultimate purpose of security is to protect information and resources according to the following requirements:

Confidentiality: information cannot be accessed by people who are not authorised to access it.

Integrity: information cannot be modified or forged by unauthorised people.

Availability: information is always ready for use by authorised people.

Non-repudiation: the provider of the information is bound to it, so that the provider cannot later deny having provided it.


1.1.4. Security solutions

Research on network security is a very broad subject with many proposed solutions. The most general solutions for the Internet include the following:

- Firewall: a firewall relies on strong inspection and integrates intrusion-prevention technology to protect the network perimeter against application-level attacks. This kind of firewall provides network access control and attack isolation, allowing customers to protect their infrastructure.

- Virtual private network (VPN): runs over a shared network such as ADSL, without a dedicated line.

IPSec VPN: these VPN solutions provide secure, resilient full-network connectivity between the headquarters, remote offices, teleworkers and partners.

SSL VPN: this technology extends secure access at low cost to mobile employees, partners and customers, with access controls per group and per user, from the application level up to all network resources.

- ACLs (Access Control Lists): a list of policies applied to the interfaces of a router. The list tells the router which packets are allowed through (permit) and which are dropped (deny). The decision can be based on the source address, the destination address or the port number.

- Leased line:

Internet connectivity 24 hours a day over a direct connection

Safe and reliable (high security)

High speed, with good redundancy on the national Internet backbone

High installation cost, and the line must be rented exclusively

Widely used by organisations and enterprises

It must be added that no single solution fits networks of every size. The best choice for an enterprise has to weigh several factors: the operating systems deployed on servers and workstations, the network resources that must be reachable, the required level of security, performance issues, manageability, ...

Of the solutions above, I find that the ACL (Access Control List) solution satisfies the data-security requirement, the needs of enterprises and the question of installation cost.

The next part takes us into ACL (Access Control List) technology on Cisco routers, an application widely used in enterprises and schools.

One of the main concerns of any company is the security of its data. Protecting data against unauthorised access and modification is not only a problem on networks, but transmitting data between computers or between LANs exposes it to attack and intrusion more than when it stays on a single computer.

Security is not a problem specific to ACLs; it is the concern and the challenge of every organisation that needs to use the Internet to exchange information.

1.2. Packet-filtering security policies on Cisco routers

- An access control list comes in two kinds:

1. Standard

2. Extended

- A standard ACL filters packets (deny/permit) on the source IP address only.
- An extended ACL is a richer filter (deny/permit) that can also match the destination address, the protocol and the port, for example HTTP or SMTP.

- Both create rules that allow or block a particular kind of interaction on the network.


CHAPTER II: PACKET-FILTERING POLICIES

2.1. Introduction to Access Control List security policies

2.1.1. The concept of packet-filtering policies (ACLs)

* An ACL is a list of statements applied to the interfaces of a router. The list tells the router which packets are accepted (permit) and which are dropped (deny). The decision can be based on the source address, the destination address or the port number.

* ACLs are used for Layer 3 (routable) traffic. An ACL classifies the packets entering or leaving a router interface, and the result of that classification can serve several purposes:
- security policy (authentication, VPN, firewall)
- routing policy (destination- or source-based routing)
- NAT/PAT policy

2.1.2. What Access Control Lists are used for

- Access lists filter network traffic by controlling whether routed packets are forwarded or blocked at the router. The router examines each packet and decides whether to forward or drop it based on the criteria defined in the list.

- The criteria can be the source address of the traffic, its destination address, the upper-layer protocol or other information. A sophisticated user can sometimes get past a basic access list because it requires no authentication.


2.1.3. Why use Access Control Lists

Access Control Lists in the network model:

- Manage IP traffic

- Provide a basic level of security for network access, in the form of packet filtering on the router

2.1.4. Types of ACLs

There are two types of access lists: standard access lists and extended access lists.

- Standard ACLs: filter on the source IP address only; because they cannot tell destinations apart, place them close to the destination.
- Extended ACLs: filter on the source and destination IP address of a packet, on the protocol carried in the IP (network-layer) header such as TCP, UDP or ICMP, and on the port numbers in the transport-layer header. Place them close to the source.

2.1.5. Functions of ACLs

+ Identify the traffic that triggers dial-on-demand routing (DDR)
+ Make IP packet filtering convenient
+ Help keep the network available by keeping unwanted traffic off it


2.1.6. Where ACLs are applied

a- Inbound ACLs

+ Inbound: plainly, the interface a packet enters the router through. Packets are processed by the ACL before they are routed to an outbound interface. Packets the ACL denies are dropped here, before any routing-table lookup, so the router does not spend routing effort on packets that will be discarded anyway; packets the ACL permits are then routed and processed for transmission.

b- Outbound ACLs

+ Outbound: the interface a packet leaves the router through. Packets are first routed to the outbound interface and then processed by the ACL before being placed in the outbound queue.

2.1.7. How ACLs work

- An ACL is processed in the order of the statements as they were entered when the access list was created. If a condition in the list matches, its action is carried out and the remaining statements are not examined. If no statement in the list matches, a default "deny any" applies: every access list ends with an implicit deny-all. An access list therefore needs at least one permit statement, otherwise it blocks everything.

When a packet arrives on an interface, the router checks whether an ACL is applied inbound on that interface; if so, the packet is checked against the conditions in the list.

If the packet is permitted, it is then looked up in the routing table to choose the interface that leads to the destination.

Next, the router checks whether the outbound interface has an ACL. If not, the packet can be sent on to the destination network. If there is an ACL on the outbound interface, the packet is checked against the conditions in that list.

- Some points to note

* Only one ACL per protocol, per direction, per interface can be applied. An interface can therefore carry several ACLs (for example one inbound and one outbound).
* A router cannot filter traffic that originates from the router itself.
* Statements are processed in the order they appear. A statement added to a list is appended at the end.
* Standard ACLs: place them close to the destination of the traffic.
* Extended ACLs: place them close to the source of the traffic.
* By default, both the access-group and the access-class commands apply in the OUT direction when no direction is given.

2.1.8. ACL processing algorithm

Figure: operation of an ACL (image not reproduced)

The interface on which data arrives is called the incoming interface and the one it leaves through the outgoing interface. In the figure, the packet is first looked up in the routing table; if a route exists it is then checked against the ACL on the outgoing interface; if it passes it continues, otherwise it is discarded (an inbound ACL, as described in 2.1.6, is checked before the routing lookup). ACLs work in order and carry out the first statement that matches.

The figure above shows how the ACL checks are performed.

2.2. Configuring Access Control Lists

2.2.1. Standard access lists

Standard ACLs use numbers 1 to 99 or 1300 to 1999. Creating an ACL takes two steps:

Step 1: Define the ACL that will be applied to an interface.

    router(config)#access-list [ACL number] [permit|deny] [source address] [wildcard mask] [log]

or, for a single host or for any source:

    router(config)#access-list [ACL number] [permit|deny] host [source address]
    router(config)#access-list [ACL number] [permit|deny] any

Step 2: Apply the ACL to the interface of the router where the packets should be stopped.

    router(config)#interface [interface-number]
    router(config-if)#ip access-group [ACL number] [in|out]

- Because a standard access list checks only the source address, apply it to the interface closest to the destination; applied near the source, it would cut that source off from every destination.


2.2.2. Extended access lists

Extended ACLs use numbers 100 to 199 or 2000 to 2699. They work like standard ACLs but add further filtering criteria:
- source and destination IP address
- IP protocol: TCP, UDP, ICMP (to block a protocol)
- port information (WWW, DNS, FTP, TELNET, ...) (to block a service through the port it runs on)

Configuration commands: the same two steps as for standard ACLs.

Step 1: Create the access list in global configuration mode.

    router(config)#access-list [#] [permit|deny] [protocol] [source address] [wildcard mask] [operator source port] [destination address] [wildcard mask] [operator destination port] [log]

or

    router(config)#access-list [#] [permit|deny] [protocol] host [source address] host [destination address] [lt|gt|neq|eq|range] [port number]

Step 2: Apply the access list to the interface.

    router(config)#interface [interface-number]
    router(config-if)#ip access-group [#] [in|out]

Some common ports:

21 FTP
23 TELNET
25 SMTP
53 DNS
69 TFTP
80 WWW
161 SNMP
520 RIP

2.2.3. Complex ACLs

a. Dynamic ACLs

Configuration steps:

Step 1: Create a local user account on the router.

Step 2: Create an extended ACL that allows every host to telnet to the host 10.2.2.2. After a successful telnet login, the network 192.168.10.0 is allowed to reach the network 192.168.30.0 for an absolute timeout of 15 minutes (the dynamic ACL entry is created when the access-enable command runs and disappears after 15 minutes whether or not the user is still using it).

Step 3: Apply the ACL to the chosen interface.

Step 4: Specify that once the user has telnetted in and authenticated successfully, a session is set up with an idle timeout of 5 minutes: if the user does not use the session it ends after 5 minutes, and if the user keeps using it, it ends after 15 minutes (the absolute timeout).
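As an added illustration of the first-match evaluation described in section 2.1.7 and of the standard and extended syntax of sections 2.2.1 and 2.2.2, the following Python script is example code written for this report; it is not code from the thesis or from Cisco IOS. It parses a few IOS-style access-list lines and evaluates constructed packets against them with the same rules a router applies: top-down, first match wins, implicit deny at the end, wildcard-mask matching (a 0 bit must match, a 1 bit is ignored). Only the subset of syntax shown above is supported (host, any, wildcard masks, eq with a port number or name); the ACL lines, addresses and packets are constructed for the example. The second ACL shows the ordering pitfall: the same two lines in reverse order let the Telnet session through because the permit is matched first.

```python
"""Simulate a Cisco router's evaluation of numbered IP access lists.

Example code for this report, not from Cisco IOS.  Only the syntax subset
shown in sections 2.2.1 and 2.2.2 is parsed: host, any, wildcard masks and
'eq <port>'.  The ACLs, addresses and packets below are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Port keywords from the report's table in section 2.2.2 (IOS name -> port).
PORT_NAMES = {"ftp": 21, "telnet": 23, "smtp": 25, "domain": 53,
              "tftp": 69, "www": 80, "snmp": 161, "rip": 520}


@dataclass
class Entry:
    action: str                  # "permit" or "deny"
    protocol: str                # "ip" matches every protocol (standard ACLs)
    src: int                     # source address as a 32-bit integer
    src_wild: int                # wildcard mask: 0 bit = must match, 1 bit = don't care
    dst: int = 0
    dst_wild: int = 0xFFFFFFFF   # a standard ACL never looks at the destination
    dst_port: Optional[int] = None


@dataclass
class Packet:
    protocol: str
    src: str
    dst: str
    dst_port: Optional[int] = None


def _addr(tokens: List[str], i: int) -> Tuple[int, int, int]:
    """Consume one address spec at tokens[i]; return (address, wildcard, next index)."""
    tok = tokens[i]
    if tok == "any":
        return 0, 0xFFFFFFFF, i + 1
    if tok == "host":
        return int(ipaddress.IPv4Address(tokens[i + 1])), 0, i + 2
    addr = int(ipaddress.IPv4Address(tok))
    if i + 1 < len(tokens) and tokens[i + 1].count(".") == 3:   # explicit wildcard mask
        return addr, int(ipaddress.IPv4Address(tokens[i + 1])), i + 2
    return addr, 0, i + 1        # bare address without a wildcard means that one host


def parse_line(line: str) -> Entry:
    """Parse 'access-list <n> permit|deny ...'; the number range decides standard vs extended."""
    t = line.split()
    if t[0] != "access-list":
        raise ValueError(f"not an access-list line: {line}")
    number, action = int(t[1]), t[2]
    if 1 <= number <= 99 or 1300 <= number <= 1999:        # standard: source address only
        src, wild, _ = _addr(t, 3)
        return Entry(action, "ip", src, wild)
    proto = t[3]                                            # extended: protocol, src, dst, port
    src, src_wild, i = _addr(t, 4)
    dst, dst_wild, i = _addr(t, i)
    port = None
    if i < len(t) and t[i] == "eq":
        port = PORT_NAMES.get(t[i + 1]) or int(t[i + 1])
    return Entry(action, proto, src, src_wild, dst, dst_wild, port)


def matches(entry: Entry, pkt: Packet) -> bool:
    """True when every field the entry specifies agrees with the packet."""
    if entry.protocol != "ip" and entry.protocol != pkt.protocol:
        return False
    src = int(ipaddress.IPv4Address(pkt.src))
    dst = int(ipaddress.IPv4Address(pkt.dst))
    if (src ^ entry.src) & ~entry.src_wild & 0xFFFFFFFF:    # differing bit where wildcard is 0
        return False
    if (dst ^ entry.dst) & ~entry.dst_wild & 0xFFFFFFFF:
        return False
    return entry.dst_port is None or entry.dst_port == pkt.dst_port


def evaluate(entries: List[Entry], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Top-down, first match wins; ('deny', None) stands for the implicit deny at the end."""
    for idx, entry in enumerate(entries):
        if matches(entry, pkt):
            return entry.action, idx
    return "deny", None


def evaluate_lines(lines: List[str], pkt: Packet) -> Tuple[str, Optional[int]]:
    return evaluate([parse_line(line) for line in lines], pkt)


# Constructed ACL: block Telnet from LAN 192.168.10.0/24 to server 10.2.2.2, allow the rest of the LAN.
ACL_100 = [
    "access-list 100 deny tcp 192.168.10.0 0.0.0.255 host 10.2.2.2 eq telnet",
    "access-list 100 permit ip 192.168.10.0 0.0.0.255 any",
]
ACL_100_WRONG_ORDER = list(reversed(ACL_100))               # the permit now hides the deny
ACL_10 = ["access-list 10 permit 192.168.10.0 0.0.0.255"]   # standard: source only

TELNET = Packet("tcp", "192.168.10.5", "10.2.2.2", 23)
HTTP = Packet("tcp", "192.168.10.5", "10.2.2.2", 80)
OUTSIDER = Packet("udp", "172.16.0.1", "10.2.2.2", 53)

if __name__ == "__main__":
    for name, acl in (("correct order", ACL_100), ("wrong order", ACL_100_WRONG_ORDER)):
        for pkt in (TELNET, HTTP, OUTSIDER):
            action, idx = evaluate_lines(acl, pkt)
            where = "implicit deny" if idx is None else f"line {idx + 1}"
            print(f"{name:14} {pkt.protocol} {pkt.src} -> {pkt.dst}:{pkt.dst_port}  {action} ({where})")
```

Run it directly to see which line each packet hits. The outsider packet from 172.16.0.1 is dropped by the implicit deny even though no line mentions it, which is why an ACL with only deny statements blocks everything, and why the "wrong order" list silently lets Telnet through: the router never reaches the deny line.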


b. Reflexive ACLs

Configure ACLs that allow ICMP and TCP traffic in both the inbound and outbound directions, but only when the first packet of the session originated on the internal network. All other traffic is denied. The reflexive ACLs are applied on interface s0/1/0.

Configuration steps:

Step 1: Create an extended named ACL that permits the traffic going out to the Internet (its entries carry the reflect keyword, which is what creates the temporary reverse entries).

Step 2: Create a second extended named ACL for the inbound direction that evaluates the reflexive list; the reflexive entries are generated automatically when an outbound packet matches the named ACL from step 1.

Step 3: Apply the named ACLs to the interface.
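To make the reflexive behaviour above concrete, the Python model below is example code written for this report, not Cisco code. It keeps the table of temporary entries a router would build: an outbound TCP or ICMP flow that starts inside the configured prefix is permitted and its mirror image (addresses and ports swapped) is stored with an expiry; an inbound packet is permitted only while it matches a live mirrored entry exactly, otherwise the implicit deny applies. The 300-second idle timeout is the IOS default for reflexive entries; the inside prefix, the server address and the flows are constructed for the example, and the early teardown IOS performs on TCP FIN/RST is not modelled.

```python
"""Model of a reflexive ACL's 'reflect'/'evaluate' behaviour.

Example code for this report, not Cisco code.  Inside-originated TCP and
ICMP is permitted outbound and creates a mirrored temporary entry; inbound
traffic is permitted only while it matches a live entry.  The 300-second
idle timeout is the IOS default for reflexive entries; prefix and
addresses are constructed for the example; TCP FIN/RST teardown is not modelled.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class Flow:
    protocol: str
    src: str
    dst: str
    src_port: Optional[int] = None    # ICMP has no ports
    dst_port: Optional[int] = None

    def mirrored(self) -> "Flow":
        """The temporary entry the router creates: addresses and ports swapped."""
        return Flow(self.protocol, self.dst, self.src, self.dst_port, self.src_port)


class ReflexiveAcl:
    def __init__(self, inside_prefix: str, timeout: float = 300.0):
        self.inside = ipaddress.ip_network(inside_prefix)
        self.timeout = timeout
        self.entries: Dict[Flow, float] = {}   # mirrored flow -> expiry time (seconds)

    def outbound(self, flow: Flow, now: float) -> bool:
        """Outbound named ACL with 'reflect': permit inside-originated TCP/ICMP and
        record the reverse flow; everything else hits the implicit deny."""
        if ipaddress.ip_address(flow.src) not in self.inside:
            return False
        if flow.protocol not in ("tcp", "icmp"):
            return False
        self.entries[flow.mirrored()] = now + self.timeout
        return True

    def inbound(self, flow: Flow, now: float) -> bool:
        """Inbound named ACL with 'evaluate': permit only a flow that exactly matches a
        live reflexive entry (same addresses and ports, reversed); traffic refreshes the timer."""
        expiry = self.entries.get(flow)
        if expiry is None:
            return False                # no session started from inside: implicit deny
        if now > expiry:
            del self.entries[flow]      # idle too long: the entry has been removed
            return False
        self.entries[flow] = now + self.timeout
        return True

    def live_entries(self, now: float) -> int:
        """How many temporary entries 'show access-lists' would still display."""
        return sum(1 for exp in self.entries.values() if now <= exp)


# Constructed scenario: LAN 192.168.10.0/24 behind s0/1/0, a web server at 203.0.113.10.
OUT_HTTP = Flow("tcp", "192.168.10.5", "203.0.113.10", 40000, 80)
BACK_HTTP = OUT_HTTP.mirrored()                                        # 203.0.113.10:80 -> 192.168.10.5:40000
UNSOLICITED_SSH = Flow("tcp", "203.0.113.99", "192.168.10.5", 4444, 22)
FORGED_REPLY = Flow("tcp", "203.0.113.10", "192.168.10.5", 80, 40001)  # right server, wrong client port

if __name__ == "__main__":
    acl = ReflexiveAcl("192.168.10.0/24")
    print("outbound HTTP:", acl.outbound(OUT_HTTP, now=0.0))              # True, entry created
    print("reply:", acl.inbound(BACK_HTTP, now=1.0))                        # True, mirrors the session
    print("unsolicited SSH:", acl.inbound(UNSOLICITED_SSH, now=1.0))        # False
    print("forged reply:", acl.inbound(FORGED_REPLY, now=1.0))              # False
    print("reply after idle timeout:", acl.inbound(BACK_HTTP, now=302.0))   # False
```

The forged-reply case is the point of the exercise: a plain "permit tcp any any established" style rule would accept any packet carrying the right TCP flags, whereas the reflexive entry requires the full reversed 5-tuple of a session the inside actually opened, and it disappears once the session has been idle for the timeout.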


c. Time-based ACLs

Configuration steps:

Step 1. Define the time range during which the ACL is in force and give it a name. (The time range relies on the router's system clock; the feature works best when the clock is synchronised with the Network Time Protocol (NTP), although the router's own clock can be used.)

Step 2. Apply the time range to the ACL.

Step 3. Apply the ACL to the interface.


2.3. Managing ACLs

The show commands below run in privileged EXEC mode (Router#), not in configuration mode; only the commands that change the configuration are entered in global or interface configuration mode.

- Show all ACLs currently configured:

    Router#show running-config

- Show the status of an interface:

    Router#show interfaces [#]

- Show which IP ACLs are applied to an interface and in which direction:

    Router#show ip interface [#]

- Show the statements of an ACL, with their match counters:

    Router#show access-lists [#]

- Show all IP ACLs:

    Router#show ip access-lists

- Show IP ACL 100:

    Router#show ip access-lists 100

- Clear the match counters (check them first with show access-lists):

    Router#show access-lists [#]
    Router#clear access-list counters [#]

- Delete a whole access list:

    router(config)#no access-list [#]
    router(config)#no ip access-list [standard|extended] [name]

- Remove an access list from an interface (the list itself stays in the configuration):

    router(config)#interface [interface-number]
    router(config-if)#no ip access-group [#] [in|out]

Caution: for a numbered ACL, the command no access-list [#] followed by any statement (for example no access-list 100 deny tcp ...) does not remove just that statement; it deletes the entire list. To remove a single line, edit the list in named ACL configuration mode using its sequence number, or rebuild the list.

2.4. Purpose of ACLs